Support

Home Forums Event Espresso Premium EE4 Android App

EE4 Android App

Posted: May 29, 2020 at 10:00 am


cazarinint

May 29, 2020 at 10:00 am

I am getting an error described in the details, “Sorry, you are not allowed to list events. Missing permissions: ee_read… ”

I have checked my permissions and applied the FCGi htaccess item (just in case) and I am still getting this on our site.


Seth Shoultes

  • Support Staff

May 30, 2020 at 8:23 am

Would it be possible to get access to the site for testing? If so, please send WordPress admin-level log in credentials via this form:
http://eventespresso.com/send-login-details/


cazarinint

June 1, 2020 at 9:53 am

This reply has been marked as private.


cazarinint

June 1, 2020 at 10:03 am

This reply has been marked as private.


Seth Shoultes

  • Support Staff

June 1, 2020 at 10:08 am

Thanks for sending over the login information. When testing the API for events, while logged in on your site, I can get a list of events just fine. Here’s a screenshot from Postman:
https://monosnap.com/file/O41Lgw2PQMRP7APR4yQ6tRpIEkklqZ

However, when examining the API endpoint for registrations, I seem to be getting errors related to permissions:
https://monosnap.com/file/9B2IdevKFiJ1YUEh6gmBoF0ctZasCf

I’ll ask another Event Espresso team member to see if they have any suggestions.


cazarinint

June 1, 2020 at 10:19 am

Thank you for the update. I just confirmed that the “EESupport” login has all ee_ capabilities. The user is an administrator account as well. We are using the AAM plugin I hope it’s not interfering in some way because we rely on it for page presence to different roles.


Tony

  • Support Staff

June 1, 2020 at 3:34 pm

This still looks like Auth headers aren’t being passed on your server.

The events endpoint Seth mentioned use unauthorized requests, you don’t need any authentication as its already public information (viewing your events on the site gives you the same info).

The registrations endpoint, (or the event endpoint using registration data) requires authentication and those are returning 403.

We don’t have permissions above to install plugins, can you add the REST API log plugin on the site?

https://wordpress.org/plugins/wp-rest-api-log/


cazarinint

June 1, 2020 at 3:45 pm

Installed. Should I test again or is there more on your end?

It’s kind of strange all of this was working a few months ago when I last tested. Then COVID hit and we don’t have in-person events for a few months.
David


Tony

  • Support Staff

June 1, 2020 at 5:13 pm

Yeah the authorization header isn’t being passed on your server: https://monosnap.com/file/f2v8YrJykmwVK72Nz4raTEh993XAQT

That’s mine on the left and yours on the right. _authorization is being added to the query but that should have been processed and removed.

It’s kind of strange all of this was working a few months ago when I last tested. Then COVID hit and we don’t have in-person events for a few months.

A few months is a long time for updates and anything could have been updated to prevent this from working, plugins, theme or server updates.

I’m assuming the site you gave access to is your dev site? If so you could try temporarily de-activating AAM and see if it makes a difference (as it also processes authorization). I’d recommend creating a backup of the database before de-activating just to be safe, some plugins do weird things on deactivation.


cazarinint

June 3, 2020 at 7:34 am

have to coordinate with our dev team, because when AAM is disabled it will change what they are testing as they work on some private page content. Is there a time that we could cordinate to do this… it seems you are later than me would today after 4pm CDT work for you and then we can turn it back on tomorrow morning?


Tony

  • Support Staff

June 3, 2020 at 7:46 am

In that case, rather than working on a site with active testing/development on it I would recommend cloning that site into a subdirectory to troubleshoot this particular issue there without causing problems from other users.

If the above site is essentially a dev site then you would be basically creating a snapshot of your dev site in which you could troubleshoot and test changes without any issues for others and then once a solution is found apply that to the live site for testing.

However, how you test this is up to you.

For the above testing you don’t really need me to be available (although I’ll happily test logging in whilst it is deactivated), you just need to see if you can log in with the app whilst AAM is disabled.


cazarinint

June 3, 2020 at 7:52 am

I completely understand, thank you. I will perform the AAM test and post results – if seems there is an issue will clone and prepare as suggested. Thanks!


Tony

  • Support Staff

June 3, 2020 at 8:01 am

No problem, to actually answer your question regarding times.

I’m based in the UK so 4 pm CDT is around 10 pm for me and whilst I’m generally still around then I make no promises.

I’m more than happy to test it whilst AAM is disabled but I would basically just be doing the same as you and with the REST API Log enabled I’ll see the requests at some point anyway.

You must be logged in to reply to this support post. Sign In or Register for an Account

Support forum for Event Espresso 3 and Event Espresso 4.
Documentation for EE3 and EE4
Documentation for Event Espresso 3 Documentation for Event Espresso 4

Status: publish

Updated by  Tony 1 month ago ago

Topic Tags

Tagged: 

Notifications

This topic is: not resolved
Do NOT follow this link or you will be banned from the site!